Data Privacy Policy

Effective Date: 1 January 2026 Last Updated: 5 March 2026

Introduction

SHLORBT Research Labs is committed to respecting privacy and handling information responsibly. This Data Privacy Policy explains how information is collected, used, stored, and protected when individuals interact with our website, publications, research disclosures, or communications.

This policy reflects our research-focused operations and our principle of collecting only what is necessary, handling information carefully, and retaining it no longer than required.

Data Controller

For the purposes of this policy, the entity responsible for the processing of information described herein is:

SHLORBT Research Labs Operating online. Questions regarding data protection or information handling may be directed to below mentioned email address.

Scope of This Policy

This policy applies to information collected through:

• This website and its published content
• Email communications with SHLORBT Research Labs
• Responsible disclosure submissions
• Research correspondence and inquiries
• Advisory, collaboration, or engagement-related communication

This policy does not apply to third-party websites or services that may be linked from this site.

Information We Collect

SHLORBT Research Labs operates with a minimal data collection approach. Depending on the nature of interaction, we may collect the following categories of information.

Information You Provide Voluntarily

This may include:

• Name, alias, or organizational affiliation
• Email address or other contact details
• Technical information submitted as part of responsible disclosure
• Correspondence content, including attachments
• Research-related submissions or inquiries

Submission of such information is voluntary and based on user intent to communicate with us.

Technical and Log Information

When accessing this website, limited technical information may be processed as part of normal web operations, such as:

• Browser type and version
• Operating system
• Approximate network information
• Date and time of access

This information is used solely for operational, security, and reliability purposes and is not used to identify individuals.

Purpose of Data Processing

Information collected by SHLORBT Research Labs is processed only for legitimate and specific purposes, including:

• Responding to inquiries and communications
• Handling responsible vulnerability disclosures
• Coordinating research or advisory activities
• Maintaining the integrity and security of our operations
• Complying with legal and regulatory obligations

SHLORBT Research Labs does not use personal data for advertising, profiling, or unsolicited marketing. The organization does not operate advertising networks, behavioral tracking systems, or data brokerage services.

Legal Basis for Processing

Information may be processed on one or more of the following grounds:

• Voluntary consent provided through communication or submission
• Legitimate interest in conducting security research and related operations
• Compliance with legal or regulatory obligations where applicable

Individuals may withdraw consent by contacting SHLORBT Research Labs, subject to legal or operational constraints.

Data Handling and Protection

SHLORBT Research Labs implements reasonable administrative, technical, and organizational safeguards to protect information against unauthorized access, misuse, disclosure, or loss.

Access to information is restricted to authorized personnel and handled strictly on a need-to-know basis. Sensitive technical submissions are treated with heightened care due to their potential security implications.

Data Retention

Information is retained only for as long as necessary to fulfill the purposes for which it was collected, including research validation, disclosure coordination, and legal compliance.

Typical retention periods may include:

• Security disclosure reports retained until resolution and advisory publication
• Research correspondence retained for operational reference
• Website technical logs retained for limited security monitoring periods

Where retention is no longer required, information is securely deleted or anonymized where appropriate.

Cookies and Analytics

This website does not use advertising cookies or behavioral tracking systems.

Basic technical logs or minimal analytics may be used solely to ensure website reliability, performance monitoring, and security analysis.

Confidentiality of Research Submissions

Technical information submitted as part of responsible disclosure or research communication may contain sensitive details. Such information is:

• Used solely for validation and coordination purposes
• Shared only with relevant stakeholders where necessary and appropriate
• Handled under confidentiality expectations consistent with responsible disclosure practices

SHLORBT Research Labs does not sell, rent, or trade submitted information.

Data Sharing and Disclosure

SHLORBT Research Labs does not disclose personal data to third parties except in the following circumstances:

• With explicit consent of the individual
• For coordinated disclosure with affected vendors or maintainers
• To comply with applicable laws or lawful requests by competent authorities
• To protect the rights, safety, or integrity of SHLORBT Research Labs or others

Any such disclosure is limited to what is necessary and appropriate.

Cross-Border Considerations

During vulnerability coordination or research collaboration, information may be shared with entities located outside the jurisdiction in which the information originated.

Such sharing is conducted responsibly and in accordance with applicable data protection and export control requirements.

Rights of Individuals

Subject to applicable laws, individuals may request:

• Access to information they have provided
• Correction of inaccurate information
• Deletion of information where retention is no longer required

Requests may be made by contacting SHLORBT Research Labs using the contact details provided below.

Legal Requests

SHLORBT Research Labs may respond to lawful requests for information from competent authorities where legally required.

Any disclosure will be limited to the minimum information necessary and evaluated for consistency with applicable law and responsible security disclosure practices.

Security Incidents

In the event of a data security incident affecting collected information, SHLORBT Research Labs will assess the impact and take appropriate remedial action consistent with legal and ethical obligations.

Policy Updates

This policy may be updated periodically to reflect changes in operations, legal requirements, or research scope. Updated versions will be published on this site with a revised effective date.

Contact

Questions or concerns regarding this Data Privacy Policy may be directed to:

contact@shlorbt.cloud

For security-related matters, please contact:

security@shlorbt.cloud